
@rayedchan
Last active February 1, 2023 23:03
Generate requests using Oracle Identity Manager API
package com.blogspot.oraclestack.testdriver;
import com.blogspot.oraclestack.services.OracleIdentityManagerClient;
import com.blogspot.oraclestack.utilities.GenerateRequestUtilities;
import java.util.HashMap;
import oracle.iam.platform.OIMClient;
import oracle.iam.vo.OperationResult;
/**
* Test Driver for GenerateRequestUtilities class
* @author rayedchan
*/
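public class GenerateRequestTestDriver
{
    // Adjust constant variables according to your OIM environment
    public static final String OIM_HOSTNAME = "localhost";
    public static final String OIM_PORT = "14000"; // For SSL, use 14001; For non-SSL, use 14000
    public static final String OIM_PROVIDER_URL = "t3://" + OIM_HOSTNAME + ":" + OIM_PORT; // For SSL, use t3s protocol; For non-SSL, use t3 protocol
    public static final String AUTHWL_PATH = "lib/config/authwl.conf";
    public static final String APPSERVER_TYPE = "wls";
    public static final String FACTORY_INITIAL_TYPE = "weblogic.jndi.WLInitialContextFactory";
    public static final String OIM_ADMIN_USERNAME = "xelsysadm";
    // NOTE(review): a hard-coded system administrator password is checked into source control
    // and baked into the compiled class. For anything beyond a throwaway local test, read it
    // from a secret store or an environment-specific configuration instead of a constant.
    public static final String OIM_ADMIN_PASSWORD = "Password1";

    // Output format shared by every request result printed below
    private static final String RESULT_FORMAT = "Request Id: {%s}, Entity Id: {%s}, Status: {%s}\n";

    /**
     * Entry point. Logs in to OIM as the administrator above, submits three sample
     * requests (disable user, modify user attributes, provision entitlement) against
     * a fixed user login and prints each result. The OIM session is logged out even
     * when one of the requests fails.
     * @param args unused
     * @throws Exception any login, lookup or request error raised by the OIM API
     */
    public static void main(String[] args) throws Exception
    {
        OracleIdentityManagerClient oimClientWrapper = null;
        try
        {
            // Establish an OIM Client
            oimClientWrapper = new OracleIdentityManagerClient(OIM_ADMIN_USERNAME, OIM_ADMIN_PASSWORD, AUTHWL_PATH, APPSERVER_TYPE, FACTORY_INITIAL_TYPE, OIM_PROVIDER_URL, false, null);
            OIMClient oimClient = oimClientWrapper.getOIMClient();

            // Instantiate Util Object
            GenerateRequestUtilities genReqUtil = new GenerateRequestUtilities(oimClient);

            // Input variables
            String userLogin = "JCICCHELLA";
            HashMap<String,String> modAttrs = new HashMap<String,String>();
            modAttrs.put("First Name", "Justin2");
            modAttrs.put("Last Name", "Cicchella2");
            String entitlementValue = "Tech Lab"; // ENT_LIST.ENT_VALUE
            String entitlementKey = "5"; // ENT_LIST.ENT_LIST_KEY

            // Generate "Disable User" Request
            printResult(genReqUtil.requestToDisableUser(userLogin));

            // Generate "Modify User" Request
            printResult(genReqUtil.requestToModifyUserAttributes(userLogin, modAttrs));

            // Generate "Provision Entitlement" Request
            printResult(genReqUtil.requestToProvisionEntitlement(userLogin, entitlementValue, entitlementKey));
        }
        finally
        {
            // The constructor can throw (e.g. LoginException) before oimClientWrapper is
            // assigned; calling logout() on null here would replace the real error with an NPE.
            if (oimClientWrapper != null)
            {
                oimClientWrapper.logout();
            }
        }
    }

    /**
     * Prints the request id, entity id and operation status of one OIM result.
     * @param response result returned by one of the GenerateRequestUtilities calls
     */
    private static void printResult(OperationResult response)
    {
        System.out.printf(RESULT_FORMAT, response.getRequestID(), response.getEntityId(), response.getOperationStatus());
    }
}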
package com.blogspot.oraclestack.utilities;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import oracle.core.ojdl.logging.ODLLevel;
import oracle.core.ojdl.logging.ODLLogger;
import oracle.iam.api.OIMService;
import oracle.iam.exception.OIMServiceException;
import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserLookupException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.api.UserManagerConstants;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.utils.vo.OIMType;
import oracle.iam.request.vo.Beneficiary;
import oracle.iam.request.vo.RequestBeneficiaryEntity;
import oracle.iam.request.vo.RequestConstants;
import oracle.iam.request.vo.RequestData;
import oracle.iam.request.vo.RequestEntity;
import oracle.iam.request.vo.RequestEntityAttribute;
import oracle.iam.vo.OperationResult;
/**
* Generate a request in Oracle Identity Manager for the specific operation (E.g.
* Create User, Modify User, Create Role, Provision Account, Revoke Entitlement).
* The request must be approved in order for the changes be applied in OIM.
* Refer to oracle.iam.api.OIMService for more information.
* @author rayedchan
*/
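public class GenerateRequestUtilities
{
    // Logger; one per class, shared by all instances
    private static final ODLLogger logger = ODLLogger.getODLLogger(GenerateRequestUtilities.class.getName());

    // OIM Service for API calls (request submission)
    private final OIMService oimService;
    // User Manager service, used only to resolve a usr_key from a user login
    private final UserManager usrMgrOps;

    /**
     * Constructor
     * @param oimClient a logged-in OIMClient; the OIMService and UserManager services
     *        are looked up from it, so every request is submitted under the identity
     *        that client logged in as
     */
    public GenerateRequestUtilities(OIMClient oimClient)
    {
        this.oimService = oimClient.getService(OIMService.class);
        this.usrMgrOps = oimClient.getService(UserManager.class);
    }

    /**
     * Generate a request to OIM to disable a user. The user stays enabled until the
     * request is approved.
     * @param userLogin OIM User Login (USR_LOGIN)
     * @return result of the submission (request id, entity id, operation status)
     * @throws NoSuchUserException if no user has the given login
     * @throws UserLookupException if the user lookup fails
     * @throws OIMServiceException if OIM rejects the request
     */
    public OperationResult requestToDisableUser(String userLogin) throws NoSuchUserException, UserLookupException, OIMServiceException
    {
        // The request API addresses users by usr_key, so resolve the login first
        String usrKey = getUserKeyByUserLogin(userLogin);
        RequestEntity reqEntity = newUserRequestEntity(usrKey, RequestConstants.MODEL_DISABLE_OPERATION);
        return submitRequest(reqEntity);
    }

    /**
     * Generate a request to OIM to modify User Profile. The changes are not applied
     * until the request is approved.
     * @param userLogin OIM User Login (USR_LOGIN)
     * @param modAttrs User Profile attributes to modify, keyed by attribute name
     *        (e.g. "First Name"); every value is submitted as a String attribute
     * @return result of the submission (request id, entity id, operation status)
     * @throws NoSuchUserException if no user has the given login
     * @throws UserLookupException if the user lookup fails
     * @throws OIMServiceException if OIM rejects the request
     */
    public OperationResult requestToModifyUserAttributes(String userLogin, Map<String,String> modAttrs) throws NoSuchUserException, UserLookupException, OIMServiceException
    {
        // The request API addresses users by usr_key, so resolve the login first
        String usrKey = getUserKeyByUserLogin(userLogin);

        // Generate a list of request entity attribute to modify
        List<RequestEntityAttribute> reqModAttrs = new ArrayList<RequestEntityAttribute>(modAttrs.size());
        for (Map.Entry<String,String> entry : modAttrs.entrySet())
        {
            // Only String-typed attributes are supported by this helper
            reqModAttrs.add(new RequestEntityAttribute(entry.getKey(), entry.getValue(), RequestEntityAttribute.TYPE.String));
        }

        RequestEntity reqEntity = newUserRequestEntity(usrKey, RequestConstants.MODEL_MODIFY_OPERATION);
        reqEntity.setEntityData(reqModAttrs);
        return submitRequest(reqEntity);
    }

    /**
     * Generate a request to OIM to provision an entitlement to a user. The entitlement
     * is not granted until the request is approved.
     * @param userLogin OIM User Login (USR_LOGIN) of the beneficiary
     * @param entitlementName entitlement value (ENT_LIST.ENT_VALUE), used as the entity sub type
     * @param entKey entitlement key (ENT_LIST.ENT_LIST_KEY)
     * @return result of the submission (request id, entity id, operation status)
     * @throws NoSuchUserException if no user has the given login
     * @throws UserLookupException if the user lookup fails
     * @throws OIMServiceException if OIM rejects the request
     */
    public OperationResult requestToProvisionEntitlement(String userLogin, String entitlementName, String entKey) throws NoSuchUserException, UserLookupException, OIMServiceException
    {
        // The beneficiary is identified by usr_key, so resolve the login first
        String usrKey = getUserKeyByUserLogin(userLogin);

        // Setup Request Entity: the entitlement to grant
        RequestBeneficiaryEntity reqBenefEntity = new RequestBeneficiaryEntity();
        reqBenefEntity.setRequestEntityType(OIMType.Entitlement);
        reqBenefEntity.setEntitySubType(entitlementName);
        reqBenefEntity.setEntityKey(entKey);
        reqBenefEntity.setOperation(RequestConstants.MODEL_PROVISION_ENTITLEMENT_OPERATION);

        // Add single request entity to list
        List<RequestBeneficiaryEntity> entities = new ArrayList<RequestBeneficiaryEntity>();
        entities.add(reqBenefEntity);

        // Setup beneficiary (the user) to grant the entitlement to
        Beneficiary beneficiary = new Beneficiary();
        beneficiary.setBeneficiaryKey(usrKey);
        beneficiary.setBeneficiaryType(Beneficiary.USER_BENEFICIARY);
        beneficiary.setTargetEntities(entities);

        // Add single beneficiary to list
        List<Beneficiary> beneficiaries = new ArrayList<Beneficiary>();
        beneficiaries.add(beneficiary);

        // Setup Request Data. Entitlement requests go through beneficiaries, not target entities.
        RequestData reqData = new RequestData();
        reqData.setBeneficiaries(beneficiaries);

        // Invoke request operation in OIM
        return oimService.doOperation(reqData, OIMService.Intent.REQUEST);
    }

    /**
     * Build a request entity that targets a user.
     * @param usrKey USR_KEY of the target user
     * @param operation one of the RequestConstants.MODEL_*_OPERATION values
     * @return request entity with type, key and operation set (no entity data)
     */
    private static RequestEntity newUserRequestEntity(String usrKey, String operation)
    {
        RequestEntity reqEntity = new RequestEntity();
        reqEntity.setRequestEntityType(OIMType.User); // Specify entity type to User
        reqEntity.setEntityKey(usrKey); // Specify target user's usr_key
        reqEntity.setOperation(operation); // Specify operation to perform
        return reqEntity;
    }

    /**
     * Submit a single target entity to OIM as a request.
     * @param reqEntity entity to submit
     * @return result of the submission
     * @throws OIMServiceException if OIM rejects the request
     */
    private OperationResult submitRequest(RequestEntity reqEntity) throws OIMServiceException
    {
        // Add single request entity to list
        List<RequestEntity> entities = new ArrayList<RequestEntity>();
        entities.add(reqEntity);

        // Setup Request Data
        RequestData reqData = new RequestData();
        reqData.setTargetEntities(entities);

        // Intent.REQUEST creates an approvable request rather than applying the change directly
        return oimService.doOperation(reqData, OIMService.Intent.REQUEST);
    }

    /**
     * Get the OIM User's USR_KEY
     * @param userLogin OIM User Login (USR_LOGIN)
     * @return value of USR_KEY
     * @throws NoSuchUserException if no user has the given login
     * @throws UserLookupException if the user lookup fails
     */
    private String getUserKeyByUserLogin(String userLogin) throws NoSuchUserException, UserLookupException
    {
        boolean userLoginUsed = true; // true: the identifier is a USR_LOGIN, not a USR_KEY
        // Only fetch the two attributes needed; this also keeps other profile data out of the log below
        HashSet<String> attrsToFetch = new HashSet<String>();
        attrsToFetch.add(UserManagerConstants.AttributeName.USER_KEY.getId());
        attrsToFetch.add(UserManagerConstants.AttributeName.USER_LOGIN.getId());
        User user = usrMgrOps.getDetails(userLogin, attrsToFetch, userLoginUsed);
        logger.log(ODLLevel.NOTIFICATION, "User Details: {0}", new Object[]{user});
        return user.getEntityId();
    }
}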
package com.blogspot.oraclestack.services;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.List;
import javax.security.auth.login.LoginException;
import oracle.core.ojdl.logging.ODLLevel;
import oracle.core.ojdl.logging.ODLLogger;
import oracle.iam.identity.exception.UserSearchException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.platform.entitymgr.vo.SearchCriteria;
/**
* This class uses the OIMClient to access the API services of an Oracle
* Identity Manager environment.
* @author rayedchan
*/
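public class OracleIdentityManagerClient
{
    // Logger. Kept public so existing callers that reference it still compile; final so it
    // cannot be replaced at runtime.
    public static final ODLLogger logger = ODLLogger.getODLLogger(OracleIdentityManagerClient.class.getName());

    // OIM Client to use API services; assigned once in the constructor
    private final OIMClient oimClient;

    /**
     * This constructor initializes the OIMClient by logging in as an
     * OIM Identity. A system administrator is necessary to perform
     * all the OIM API services.
     * @param username User Login of the OIM Identity
     * @param password Plain text password of the OIM Identity. It is passed to OIMClient as a
     *        char[]; the String itself stays in memory until garbage collected, so obtain it
     *        from a secret store rather than a constant where possible.
     * @param authwlPath Path to "authwl.conf" file. This can be found in "$MW_HOME/Oracle_IDM1/designconsole/config".
     * @param appServerType Type of application server OIM is deployed on. For WebLogic, this value should be "wls".
     * @param factoryInitialType Type of factory initial. For WebLogic, this value should be "weblogic.jndi.WLInitialContextFactory".
     * @param oimProviderURL The OIM provider URL. For non-SSL protocol, the value should be "t3://<oimhostname>:<oimport>". For SSL protocol, the value should be "t3s://<oimhostname>:<oimport>".
     * @param isSSL Set to true if SSL protocol is in use.
     * @param trustKeystorePath Set path to trust key store if SSL is being used.
     * @throws LoginException if OIM rejects the credentials or the connection cannot be established
     * @throws IllegalArgumentException if isSSL is true but trustKeystorePath is null
     */
    public OracleIdentityManagerClient(String username, String password, String authwlPath, String appServerType, String factoryInitialType, String oimProviderURL, boolean isSSL, String trustKeystorePath) throws LoginException
    {
        // Initializes OIMClient with environment information
        this.oimClient = initializeOIMClient(authwlPath, appServerType, factoryInitialType, oimProviderURL, isSSL, trustKeystorePath);

        // Login to OIM with System Administrator Credentials
        this.oimClient.login(username, password.toCharArray());
    }

    /**
     * Setup the necessary system properties and environment information in
     * order to use the OIM Client. The properties are JVM-wide, so two clients
     * created in the same JVM with different settings overwrite each other.
     * @param authwlPath Path to "authwl.conf" file. This can be found in "$MW_HOME/Oracle_IDM1/designconsole/config".
     * @param appServerType Type of application server OIM is deployed on. For WebLogic, this value should be "wls".
     * @param factoryInitialType Type of factory initial. For WebLogic, this value should be "weblogic.jndi.WLInitialContextFactory".
     * @param oimProviderURL The OIM provider URL. For non-SSL protocol, the value should be "t3://<oimhostname>:<oimport>". For SSL protocol, the value should be "t3s://<oimhostname>:<oimport>".
     * @param isSSL Set to true if SSL is in use.
     * @param trustKeystorePath Set path to trust key store if SSL is being used.
     * @return a new, not yet logged-in OIMClient
     * @throws IllegalArgumentException if isSSL is true but trustKeystorePath is null
     */
    private static OIMClient initializeOIMClient(String authwlPath, String appServerType, String factoryInitialType, String oimProviderURL, boolean isSSL, String trustKeystorePath)
    {
        if (isSSL && trustKeystorePath == null)
        {
            // System.setProperty rejects a null value with a bare NPE; fail with a clear message
            // before any JVM-wide property has been touched.
            throw new IllegalArgumentException("trustKeystorePath is required when isSSL is true");
        }

        // Set system properties required for OIMClient
        System.setProperty("java.security.auth.login.config", authwlPath);
        System.setProperty("APPSERVER_TYPE", appServerType);

        // Set SSL argument on runtime to point to trusted key store
        if (isSSL)
        {
            // The trust store must hold the OIM server's certificate chain for t3s to validate it
            System.setProperty("weblogic.security.SSL.trustedCAKeyStore", trustKeystorePath);
        }

        // Create an instance of OIMClient with OIM environment information
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, factoryInitialType);
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, oimProviderURL);
        return new OIMClient(env);
    }

    /**
     * Get the OIMClient
     * @return OIMClient object (logged in by the constructor)
     */
    public OIMClient getOIMClient()
    {
        return this.oimClient;
    }

    /**
     * Log out user from OIMClient. The field is final and assigned from a constructor
     * call, so it is never null here.
     */
    public void logout()
    {
        this.oimClient.logout();
        logger.log(ODLLevel.TRACE, "Logout user from OIMClient.");
    }

    /**
     * Method to test the OIMClient. All the Identities (users) are queried from
     * OIM environment and logged at NOTIFICATION level, so on a large OIM
     * instance this returns and logs the entire user population.
     * @throws AccessDeniedException if the logged-in identity may not search users
     * @throws UserSearchException if the search fails
     */
    public void test() throws AccessDeniedException, UserSearchException
    {
        // Lookup User Manager service
        UserManager usermgr = this.oimClient.getService(UserManager.class);

        // Only fetch attributes defined in the set
        HashSet<String> attrQuery = new HashSet<String>();
        attrQuery.add("usr_key");
        attrQuery.add("usr_login");
        attrQuery.add("Display Name");
        attrQuery.add("First Name");
        attrQuery.add("Last Name");

        // Call a method from User Manager service; "*" matches every user login
        List<User> users = usermgr.search(new SearchCriteria("User Login", "*", SearchCriteria.Operator.EQUAL), attrQuery, new HashMap<String, Object>());
        logger.log(ODLLevel.NOTIFICATION, "OIM Users: {0}", new Object[]{users});
    }
}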
@jamesrc6

Hola me podría ayudar con un ejemplo con RequestDataValidator.
